#ifndef QOS_CPP_SECURITY_CONFIG
#define QOS_CPP_SECURITY_CONFIG

#include <cstdint>
#include <cstddef>
#include "FSCP_Utils.hpp"

namespace qOS {

/**
 * @brief Security configuration structure for functional safety
 * @details Centralizes all security-related settings and thresholds
 */
struct SecurityConfig {
    // Token security settings
    static const uint32_t MIN_HAMMING_DISTANCE = 24;        /**< Minimum Hamming distance between tokens */
    static const uint32_t TOKEN_ENTROPY_BITS = 32;       /**< Number of entropy bits in tokens */
    static const uint64_t TOKEN_TIMEOUT_US = 1000000;    /**< Token timeout in microseconds */
    
    // Anomaly detection thresholds
    static const uint32_t MAX_FAILURE_COUNT = 100;        /**< Maximum allowed failures before alert */
    static const uint32_t HIGH_EXECUTION_COUNT = 1000;   /**< High execution count threshold */
    static constexpr double MAX_FAILURE_RATE = 0.5;           /**< Maximum failure rate (50%) */
    
    // Timing safety thresholds
    static const uint64_t MIN_SLACK_TIME_US = 100;       /**< Minimum slack time in microseconds */
    static const uint64_t DEADLINE_WARNING_THRESHOLD = 90;   /**< Deadline warning at 90% usage */
    
    // Security monitoring settings
    static const uint32_t AUDIT_INTERVAL_CYCLES = 1000;   /**< Security audit interval */
    static const uint32_t SECURITY_LOG_LEVEL = 2;        /**< Security log verbosity level */
    static const bool ENABLE_INTRUSION_DETECTION = true;    /**< Enable intrusion detection */
    
    // Memory protection settings
    static const size_t MAX_STACK_USAGE_PERCENT = 80;      /**< Maximum stack usage percentage */
    static const bool ENABLE_HEAP_PROTECTION = true;         /**< Enable heap protection */
    static const uint32_t MEMORY_CANARY_VALUE = 0xDEADBEEF; /**< Memory canary value */
};

/**
 * @brief Security manager class for functional safety
 * @details Provides centralized security monitoring and threat detection
 */
class SecurityManager {
private:
    static uint32_t securityViolations;
    static uint32_t intrusionAttempts;
    static uint64_t lastAuditTime;
    static bool securityInitialized;
    
public:
    /**
     * @brief Initialize security manager
     */
    static void initialize();
    
    /**
     * @brief Report security violation
     * @param violationType Type of security violation
     * @param description Description of the violation
     */
    static void reportViolation(FSCP_ErrorType violationType, const char* description);
    
    /**
     * @brief Check for intrusion patterns
     * @return Whether intrusion is detected
     */
    static bool detectIntrusion();
    
    /**
     * @brief Perform security audit
     */
    static void performAudit();
    
    /**
     * @brief Get security statistics
     * @return Number of security violations
     */
    static uint32_t getViolationCount();
    
    /**
     * @brief Reset security counters
     */
    static void resetCounters();
    
    /**
     * @brief Validate token security
     * @param token Token to validate
     * @return Whether token is valid
     */
    static bool validateToken(uint64_t token);
    
    /**
     * @brief Check if system is under attack
     * @return Whether attack patterns are detected
     */
    static bool isUnderAttack();
};

} // namespace qOS

#endif // QOS_CPP_SECURITY_CONFIG